
[RHSA-2002:312-02] Updated OpenLDAP packages fix various vulnerabilities.



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated OpenLDAP packages fix various vulnerabilities.
Advisory ID:       RHSA-2002:312-02
Issue date:        2003-02-07
Updated on:        2003-08-25
Product:           Red Hat Enterprise Linux
Keywords:          openldap setuid .ldaprc buffer overflow
Cross references:  RHSA-2002:296
Obsoletes:         RHSA-2002-014
CVE Names:         CAN-2002-1378 CAN-2002-1379 CAN-2002-1508
- ---------------------------------------------------------------------

1. Topic:

Updated OpenLDAP packages are available which fix a number of local and
remote buffer overflows in libldap as well as the slapd and slurpd daemons.
Additionally, potential issues stemming from using user-specified LDAP
configuration files have been addressed.

[Updated 06 Feb 2003]
Added fixed packages for Red Hat Linux Advanced Workstation 2.1

[Updated 13 Aug 2003]
Added openldap12 packages for Red Hat Linux Advanced Server 2.1
and Advanced Workstation 2.1 that were originally left out of this errata.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64

3. Problem description:

OpenLDAP is a suite of LDAP (Lightweight Directory Access Protocol)
applications and development tools. LDAP is a set of protocols for
accessing directory services. In an audit of OpenLDAP by SuSE, a number of
potential security issues were found.

The following is a list of these issues:

When reading configuration files, libldap reads the current user's .ldaprc
file even in applications that run with elevated privileges (for example
setuid programs), so settings chosen by an unprivileged user take effect
inside a privileged process.
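
An added illustration of this first item, written for this page and not
taken from OpenLDAP: a small model of client option lookup in which a
per-user file overrides the system file, run once without and once with the
privilege check a setuid program needs. The configuration text, the function
names and the uid/gid values are all constructed for the example.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed sample configuration text (not real files): the system-wide
 * ldap.conf an administrator controls, and a ~/.ldaprc an unprivileged
 * user controls.  Both use the "KEY value" line format of those files. */
static const char SYSTEM_LDAP_CONF[] =
    "# constructed /etc/openldap/ldap.conf\n"
    "HOST ldap.example.com\n"
    "BASE dc=example,dc=com\n";

static const char USER_LDAPRC[] =
    "# constructed ~/.ldaprc written by an unprivileged user\n"
    "HOST attacker.example.net\n"
    "BINDDN cn=admin,dc=example,dc=com\n";

/* Find "key value" in cfg; copies the value into out and returns 1, or
 * returns 0 when the key is absent.  Lines starting with '#' are comments.
 * Over-long values are truncated, never written past out. */
static int lookup_option(const char *cfg, const char *key,
                         char *out, size_t outlen)
{
    size_t klen = strlen(key);
    const char *p = cfg;

    while (p != NULL && *p != '\0') {
        const char *eol = strchr(p, '\n');
        size_t linelen = eol ? (size_t)(eol - p) : strlen(p);

        if (*p != '#' && linelen > klen && strncmp(p, key, klen) == 0
            && (p[klen] == ' ' || p[klen] == '\t')) {
            const char *v = p + klen;
            size_t vlen;

            while (*v == ' ' || *v == '\t')
                v++;
            vlen = (size_t)((p + linelen) - v);
            if (vlen >= outlen)
                vlen = outlen - 1;
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return 1;
        }
        p = eol ? eol + 1 : NULL;
    }
    return 0;
}

/* The privilege check this item is about: per-user configuration may only
 * be honoured when the process carries no privileges beyond those of the
 * user who invoked it.  In a setuid or setgid program the real and
 * effective ids differ. */
int user_config_allowed(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid == euid && rgid == egid;
}

/* Resolve an option the way a client library might: the user's file
 * overrides the system file.  With hardened == 0 the user file is always
 * consulted (the behaviour the advisory describes); with hardened == 1 it
 * is skipped unless user_config_allowed() permits it. */
int resolve_option(const char *key, const char *sysconf, const char *userconf,
                   uid_t ruid, uid_t euid, gid_t rgid, gid_t egid,
                   int hardened, char *out, size_t outlen)
{
    if (userconf != NULL
        && (!hardened || user_config_allowed(ruid, euid, rgid, egid))
        && lookup_option(userconf, key, out, outlen))
        return 1;
    return lookup_option(sysconf, key, out, outlen);
}

int main(void)
{
    char host[128];
    /* Model a setuid-root helper started by uid 1000: real uid 1000,
     * effective uid 0, gids unchanged. */
    uid_t ruid = 1000, euid = 0;
    gid_t rgid = 1000, egid = 1000;

    resolve_option("HOST", SYSTEM_LDAP_CONF, USER_LDAPRC,
                   ruid, euid, rgid, egid, 0, host, sizeof host);
    printf("unhardened, euid 0:     HOST=%s\n", host); /* attacker.example.net */

    resolve_option("HOST", SYSTEM_LDAP_CONF, USER_LDAPRC,
                   ruid, euid, rgid, egid, 1, host, sizeof host);
    printf("hardened,   euid 0:     HOST=%s\n", host); /* ldap.example.com */

    /* The same user running a non-setuid client: its own .ldaprc is fine. */
    resolve_option("HOST", SYSTEM_LDAP_CONF, USER_LDAPRC,
                   ruid, ruid, rgid, rgid, 1, host, sizeof host);
    printf("hardened, unprivileged: HOST=%s\n", host); /* attacker.example.net */
    return 0;
}
```

The same rule applies to anything else the invoking user controls that
names a configuration file, such as an LDAPRC or HOME environment variable:
a privileged process must not let those select the file it reads.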

Slurpd overflows an internal buffer if the argument given to its -t or -r
flag is too long, or if the name of a file on which it attempts to take an
advisory lock is too long.

When parsing filters, the getfilter family of functions from libldap can
overflow an internal buffer by supplying a carefully crafted
ldapfilter.conf file.

When processing LDAP entry display templates, libldap can overflow an
internal buffer by supplying a carefully crafted ldaptemplates.conf file.

When parsing an access control list, slapd can overflow an internal buffer.
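
The slurpd argument, ldapfilter.conf, ldaptemplates.conf and ACL items above
are all one bug class: a token of attacker-chosen length copied into a
fixed-size buffer. The following added example (written for this page, not
OpenLDAP's code) contrasts the unchecked copy with a bounded one inside a
parser for a simplified slapd-style "access to ... by ..." line. The field
sizes, function names and the 300-byte hostile line are constructed for the
example.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Fixed-size fields; the sizes are chosen for this example, not OpenLDAP's. */
#define WHAT_MAX  64
#define WHO_MAX   64
#define LEVEL_MAX 16

struct access_rule {
    char what[WHAT_MAX];
    char who[WHO_MAX];
    char level[LEVEL_MAX];
};

/* The pattern behind each overflow listed above: a token whose length the
 * attacker controls (a -t/-r argument, a tag in ldapfilter.conf or
 * ldaptemplates.conf, an ACL clause) copied into a fixed buffer with no
 * length check.  For contrast only; never call it with strlen(src) >= the
 * size of dst. */
void unchecked_copy(char *dst, const char *src)
{
    strcpy(dst, src);
}

/* Hardened replacement: copies exactly n bytes and NUL-terminates, or fails
 * before touching dst when the token would not fit.  Failing beats silent
 * truncation, which could quietly change what an ACL clause means. */
int bounded_copy(char *dst, size_t dstlen, const char *src, size_t n)
{
    if (n >= dstlen) {
        errno = ENAMETOOLONG;
        return -1;
    }
    memcpy(dst, src, n);
    dst[n] = '\0';
    return 0;
}

/* Next whitespace-separated token at or after p (length in *len), or NULL. */
static const char *next_token(const char *p, size_t *len)
{
    const char *start;

    while (*p == ' ' || *p == '\t')
        p++;
    if (*p == '\0' || *p == '\n')
        return NULL;
    start = p;
    while (*p != '\0' && *p != ' ' && *p != '\t' && *p != '\n')
        p++;
    *len = (size_t)(p - start);
    return start;
}

/* Require the literal keyword `word` next; return the position after it. */
static const char *expect_word(const char *p, const char *word)
{
    size_t n, wlen = strlen(word);
    const char *tok = next_token(p, &n);

    if (tok == NULL || n != wlen || strncmp(tok, word, wlen) != 0)
        return NULL;
    return tok + n;
}

/* Copy the next token into a fixed field through bounded_copy(). */
static const char *take_field(const char *p, char *dst, size_t dstlen)
{
    size_t n;
    const char *tok = next_token(p, &n);

    if (tok == NULL || bounded_copy(dst, dstlen, tok, n) < 0)
        return NULL;
    return tok + n;
}

/* Parse a simplified slapd-style ACL line:  access to <what> by <who> <level>
 * Returns 0 on success, -1 on a syntax error or an oversized token. */
int parse_access_line(const char *line, struct access_rule *r)
{
    const char *p = line;

    if ((p = expect_word(p, "access")) == NULL) return -1;
    if ((p = expect_word(p, "to")) == NULL) return -1;
    if ((p = take_field(p, r->what, sizeof r->what)) == NULL) return -1;
    if ((p = expect_word(p, "by")) == NULL) return -1;
    if ((p = take_field(p, r->who, sizeof r->who)) == NULL) return -1;
    if ((p = take_field(p, r->level, sizeof r->level)) == NULL) return -1;
    return 0;
}

/* Constructed hostile line with a 300-byte <what> clause, the kind of input
 * that would overrun a 64-byte field via unchecked_copy().  Returns the
 * parser's verdict: -1 means rejected with no field written. */
int parse_oversized_what(void)
{
    char line[400];
    struct access_rule r;

    memset(line, 'a', sizeof line);
    memcpy(line, "access to ", 10);
    memcpy(line + 310, " by * read", 10);
    line[320] = '\0';
    return parse_access_line(line, &r);
}
```

A quick run: parse_access_line("access to attrs=userPassword by self write",
&r) fills the three fields and returns 0, while parse_oversized_what()
returns -1 because the 300-byte clause is refused before any copy happens.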

When constructing the name of the file used for logging rejected
replication requests, slapd overflows an internal buffer if the generated
name is too long. It can also destroy the contents of any file owned by the
user 'ldap' because of a race condition in the subsequent creation of the
log file.
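
For the rejection-log item above, an added example (written for this page,
not OpenLDAP's code): the file name is built with a length-checked snprintf()
so that an over-long name is an error rather than an overflow, and the log
is created with open(2) flags and an fstat() check that refuse a symlink
planted in the log directory. The scratch-directory self-test under /tmp,
the path layout and the function names are constructed for the example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Build "<dir>/<replica>.rej".  snprintf() never writes past out, and its
 * return value says whether the name was cut short; a truncated name is an
 * error, not something to open. */
int build_reject_path(char *out, size_t outlen, const char *dir, const char *replica)
{
    int n = snprintf(out, outlen, "%s/%s.rej", dir, replica);

    if (n < 0 || (size_t)n >= outlen) {
        errno = ENAMETOOLONG;
        return -1;
    }
    return 0;
}

/* The race: between computing the name and this call, anyone who can write
 * the directory can drop a symlink of that name pointing at a file the
 * daemon's user owns; fopen() follows it and truncates the target.
 * For contrast only; not used below. */
FILE *open_reject_log_racy(const char *path)
{
    return fopen(path, "w");
}

/* Hardened: O_NOFOLLOW refuses a symlink as the final component, the file is
 * created with mode 0600 in the same open(2) call, and fstat() on the
 * descriptor (not stat() on the path, which would reopen the race) confirms
 * an ordinary file owned by the expected uid with no extra hard links.
 * Returns a descriptor or -1. */
int open_reject_log(const char *path, uid_t expected_owner)
{
    struct stat st;
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW, 0600);

    if (fd < 0)
        return -1;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode)
        || st.st_uid != expected_owner || st.st_nlink != 1) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Constructed scenario in a scratch directory under /tmp: a planted symlink
 * "replica.rej" -> victim must be refused with the victim left intact, and
 * a plain name must open.  Returns 1 when both hold, 0 otherwise. */
int demo_symlink_is_refused(void)
{
    char dir[] = "/tmp/rejlog.XXXXXX";
    char victim[PATH_MAX] = "", planted[PATH_MAX] = "", good[PATH_MAX] = "";
    struct stat st;
    int ok = 0, fd = -1;

    if (mkdtemp(dir) == NULL)
        return 0;
    if (build_reject_path(victim, sizeof victim, dir, "victim") < 0)
        goto out;
    fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);     /* file to protect */
    if (fd < 0 || write(fd, "keep me\n", 8) != 8)
        goto out;
    close(fd);
    fd = -1;
    if (build_reject_path(planted, sizeof planted, dir, "replica") < 0
        || symlink(victim, planted) < 0)                       /* attacker's link */
        goto out;
    if (open_reject_log(planted, getuid()) != -1)             /* must be refused */
        goto out;
    if (stat(victim, &st) < 0 || st.st_size != 8)             /* victim untouched */
        goto out;
    if (build_reject_path(good, sizeof good, dir, "good") < 0
        || (fd = open_reject_log(good, getuid())) < 0)        /* plain name: ok */
        goto out;
    ok = 1;
out:
    if (fd >= 0)
        close(fd);
    unlink(planted); unlink(victim); unlink(good); rmdir(dir);
    return ok;
}

int main(void)
{
    char path[32];

    printf("short name:      %d\n", build_reject_path(path, sizeof path, "/var/lib/ldap", "r1"));
    printf("over-long name:  %d\n", build_reject_path(path, sizeof path, "/var/lib/ldap", "replica-with-a-long-name"));
    printf("symlink refused: %d\n", demo_symlink_is_refused());
    return 0;
}
```

O_NOFOLLOW only protects the final path component, so the log directory
itself must not be writable by untrusted users; the st_nlink check covers a
hard link to the victim, which a symlink check cannot see.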

All of these potential security issues are corrected by the packages
contained within this erratum.

Red Hat Linux Advanced Server users who use LDAP are advised to
install the updated OpenLDAP packages contained within this erratum.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

Please note that this update is available via Red Hat Network.  To use Red
Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openldap-2.0.27-2.7.3.src.rpm
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openldap12-1.2.13-8.src.rpm

i386:
Available from Red Hat Network: openldap-2.0.27-2.7.3.i386.rpm
Available from Red Hat Network: openldap-clients-2.0.27-2.7.3.i386.rpm
Available from Red Hat Network: openldap-devel-2.0.27-2.7.3.i386.rpm
Available from Red Hat Network: openldap-servers-2.0.27-2.7.3.i386.rpm
Available from Red Hat Network: openldap12-1.2.13-8.i386.rpm

ia64:
Available from Red Hat Network: openldap-2.0.27-2.7.3.ia64.rpm
Available from Red Hat Network: openldap-clients-2.0.27-2.7.3.ia64.rpm
Available from Red Hat Network: openldap-devel-2.0.27-2.7.3.ia64.rpm
Available from Red Hat Network: openldap-servers-2.0.27-2.7.3.ia64.rpm
Available from Red Hat Network: openldap12-1.2.13-8.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openldap-2.0.27-2.7.3.src.rpm
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openldap12-1.2.13-8.src.rpm

ia64:
Available from Red Hat Network: openldap-2.0.27-2.7.3.ia64.rpm
Available from Red Hat Network: openldap-clients-2.0.27-2.7.3.ia64.rpm
Available from Red Hat Network: openldap-devel-2.0.27-2.7.3.ia64.rpm
Available from Red Hat Network: openldap-servers-2.0.27-2.7.3.ia64.rpm
Available from Red Hat Network: openldap12-1.2.13-8.ia64.rpm



6. Verification:

MD5 sum                          Package Name
- --------------------------------------------------------------------------
148ac6c282678e649d9bc82ef68472ec 2.1AS/en/os/SRPMS/openldap-2.0.27-2.7.3.src.rpm
92d8d3db8064d35faab46b59c077251d 2.1AS/en/os/SRPMS/openldap12-1.2.13-8.src.rpm
878a1302654284097cd6b1ff37dcb990 2.1AS/en/os/i386/openldap-2.0.27-2.7.3.i386.rpm
42bdf5437712c8b7240cdb6dee4ec8c1 2.1AS/en/os/i386/openldap-clients-2.0.27-2.7.3.i386.rpm
4fedaaa2c3bae85580d80b981af12194 2.1AS/en/os/i386/openldap-devel-2.0.27-2.7.3.i386.rpm
9341c678193d6f6dda7c9718df75d614 2.1AS/en/os/i386/openldap-servers-2.0.27-2.7.3.i386.rpm
0a692fe198ed8743ede8e6dbf999e486 2.1AS/en/os/i386/openldap12-1.2.13-8.i386.rpm
518f368e458a617daa37baefb331fa09 2.1AS/en/os/ia64/openldap-2.0.27-2.7.3.ia64.rpm
c5b77b9c6a01f72f13438d058ec05cb9 2.1AS/en/os/ia64/openldap-clients-2.0.27-2.7.3.ia64.rpm
55e81b9cb1e2ae1a44ceb833470087ee 2.1AS/en/os/ia64/openldap-devel-2.0.27-2.7.3.ia64.rpm
5c6dd70a327ced63f143eee0587e9439 2.1AS/en/os/ia64/openldap-servers-2.0.27-2.7.3.ia64.rpm
fccda5abf8c02f80a5713438854ccb39 2.1AS/en/os/ia64/openldap12-1.2.13-8.ia64.rpm
148ac6c282678e649d9bc82ef68472ec 2.1AW/en/os/SRPMS/openldap-2.0.27-2.7.3.src.rpm
92d8d3db8064d35faab46b59c077251d 2.1AW/en/os/SRPMS/openldap12-1.2.13-8.src.rpm
518f368e458a617daa37baefb331fa09 2.1AW/en/os/ia64/openldap-2.0.27-2.7.3.ia64.rpm
c5b77b9c6a01f72f13438d058ec05cb9 2.1AW/en/os/ia64/openldap-clients-2.0.27-2.7.3.ia64.rpm
55e81b9cb1e2ae1a44ceb833470087ee 2.1AW/en/os/ia64/openldap-devel-2.0.27-2.7.3.ia64.rpm
5c6dd70a327ced63f143eee0587e9439 2.1AW/en/os/ia64/openldap-servers-2.0.27-2.7.3.ia64.rpm
fccda5abf8c02f80a5713438854ccb39 2.1AW/en/os/ia64/openldap12-1.2.13-8.ia64.rpm


These packages are GPG signed by Red Hat for security.  Our key is
available from https://www.redhat.com/security/keys.html

You can verify each package with the following command:
    
    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted in
transit, compare its md5sum with the list above using the following command:
    
    md5sum <filename>

Note that an md5sum on its own proves nothing about tampering: the sums
above are trustworthy only because they are covered by this advisory's PGP
signature. Check that signature first, or use rpm --checksig, which verifies
Red Hat's GPG signature on the package itself.


7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1508

8. Contact:

The Red Hat security contact is <secalert redhat com>.  More contact
details at https://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE/ShlqXlSAg2UNWIIRAh3vAJsGPRx244t6OITl/B3wJyVG3EHdyQCgwss8
4fzOKhz1kU5O6oqH+m7xIWw=
=8V7S
-----END PGP SIGNATURE-----


